更新数据库使用JavaScript数据库、JavaScript
希望这将是我要问this..lol最后一个问题。我不能太远的工作液(hopefully..lol)的。在谈到这个问题:
Hopefully this will be the last question I need to ask about this..lol.. I cant be too far of the working solution(hopefully..lol). In reference to this question:
将数据传递到使用JavaScript库的onClick
我想传递一个值来使用JavaScript数据库。下面是code我使用。而只是对视觉辅助,我已经包括了这是什么输出的屏幕截图。希望这将有助于解释什么我试着去也能达到。遇到的问题即时通讯是JavaScript投票链接pretty的多无助...笑...ü单击它,并没有任何反应。 preferably我想链接的文本简单地更改为你的投票!一旦链接被点击,和数据发送/:收到,但警报将被罚款,只要我能得到这个工作,并更新数据库。
I am trying to pass a value to the database using javascript. Below is the code i am using. And just for visual aid, Ive included a screenshot of what this outputs. Hopefully it will help to explain what im trying to achieve also. The problem im having is the javascript "Vote" link pretty much does nothing...lol... u click it, and nothing happens. Preferably i would like the links text to simply change to "You Voted!" once the link has been clicked, and data sent/recieved, but an alert will be fine, as long as i can get this to work and update the database.
谢谢大家:)
<?php if(isset($_POST['score'])) {
mysql_query("INSERT INTO score (score_count) VALUES ($_POST[score])");
} $user_id = uid();
$m = mysql_query("SELECT * FROM friends WHERE friend_user_id1 = '$user_id' AND friend_status != '0' LIMIT 15");
while ($t = mysql_fetch_array($m))
{
$fid = $t[friend_user_id2];
$f = mysql_query("SELECT * FROM users WHERE user_status != '' AND user_status_date != '0' AND user_id = '$fid' ORDER BY user_status_date ASC LIMIT 15") or die(mysql_error());
while ($rows = mysql_fetch_array($f))
{
$date = parse_date($rows[user_status_date]);
echo "<div style='margin: 5px;'><table><tr><td valign='top' style='width:55px;'><a href='page.php?id=$rows[user_username]'>";
_photo($rows[user_id]);
echo '</a></td><td valign="top"> <a href="page.php?id='.$rows[user_username].'" class="blue"><b>'.$rows[user_username].'</b></a> - <span style="font-size:7pt;">'.$date.'</span><span style="font-size:7pt;"> - <a href="javascript:(void);" onclick="updateScore(this, correct)" class="blue">Vote</a></span>
<br />'.$rows[user_status].'</td><td valign="top"></td></tr></table></div>';
}
}
?>
<script type="text/javascript">
function updateScore(answer, correct) {
if (answer == correct) {
$.get('index.php', {'score': '1'}, function(d) {
alert('Vote Accepted: ' + d);
});
}
}
</script>
输出:
推荐答案
哇,我从哪里开始。好吧,我搞掂你的code。下面是修改列表
Wow, where do I begin. Ok, I fixed up your code. Here's a list of the changes
在格式化code的可读性(你在这里需要一些严重违纪) 将它们用在查询之前的Sanitized输入(prevents SQL注入) 添加字符串分隔符来关联数组键查找(prevents E_NOTICE错误) 在打印成HTML之前逃出潜在的危险值(prevents XSS) 在一个很大的输出字符串,而不是删除尴尬回声语句,并更改为HTML模式
更新JavaScript才能使用 $。员额()而不是 $。获得(),因为你从读 $ _ POST 阵列在脚本的顶部。
Formatted code for legibility (you need some serious discipline here)
Sanitized inputs before using them in queries (prevents SQL injection)
Added string delimiters to associative array key lookups (prevents E_NOTICE errors)
Escaped potentially dangerous values before printing as HTML (prevents XSS)
Removed awkward echo statements and changed to HTML mode for large output strings instead
Updated javascript to use $.post() instead of $.get() since you read from the $_POST array at the top of the script.
这里的code:
<?php
if ( isset( $_POST['score'] ) )
{
$result = mysql_query( "INSERT INTO score (score_count) VALUES (" . mysq_real_escape_string( $_POST['score'] ) . " )" );
echo $result ? 'Vote Succeeded' : 'Vote Failed: ' . mysql_error();
exit;
}
$user_id = mysql_real_escape_string( uid() );
$m = mysql_query( "SELECT * FROM friends WHERE friend_user_id1 = '$user_id' AND friend_status != '0' LIMIT 15" );
while ( $t = mysql_fetch_array( $m ) )
{
$fid = mysql_real_escape_string( $t['friend_user_id2'] );
$f = mysql_query( "SELECT * FROM users WHERE user_status != '' AND user_status_date != '0' AND user_id = '$fid' ORDER BY user_status_date ASC LIMIT 15" ) or die ( mysql_error() );
while ( $rows = mysql_fetch_array( $f ) )
{
$date = parse_date( $rows['user_status_date'] );
?>
<div style="margin: 5px;">
<table>
<tr>
<td valign="top" style="width:55px;">
<a href="page.php?id=<?php echo escapeForHtml( $rows['user_username'] ); ?>">
<?php _photo( $rows['user_id'] ); ?>
</a>
</td>
<td valign="top">
<a href="page.php?id=<?php echo escapeForHtml( $rows['user_username'] ); ?>" class="blue">
<b><?php echo escapeForHtml( $rows['user_username'] )?></b>
</a> - <span style="font-size:7pt;"><?php echo escapeForHtml( $date )?></span>
<span style="font-size:7pt;"> - <a href="javascript:;" onclick="updateScore(this)" class="blue">Vote</a></span>
<br /><?php echo escapeForHtml( $rows['user_status'] ); ?></td><td valign="top">
</td>
</tr>
</table>
</div>
<?php
}
}
function escapeForHtml( $value )
{
return htmlspecialchars( $value, ENT_COMPAT, 'UTF-8' );
}
?>
<script type="text/javascript">
function updateScore(answer, correct)
{
if (answer == correct)
{
$.post('index.php', {'score': '1'}, function(d)
{
alert('Vote Accepted: ' + d);
});
}
}
</script>
在我所有做的,然后,我可以清楚地看到你的成功条件的POST实际发生的是未知的我。你比较答案到正确但这code段没有让我看到正确从何而来。一旦 updateScore()函数中我可以看到答案是一个引用被点击的HTMLAnchorElement - 但什么在源的值送入正确?
After I got all that done, I could then clearly see that your success condition for the POST to actually take place is unknown to me. You compare answer to correct but this code snippet doesn't let me see where correct comes from. Once inside the updateScore() function I can see that answer is a reference to the HTMLAnchorElement that was clicked - but what is the source for the value sent into correct?
要具体,我要带这个加粗部分此处
To be specific, I'm taking about this bolded part here
的onclick =updateScore(本,正确)
onclick="updateScore(this, correct)"
试试这一个版本的功能,一个成功的表决后更新链接
Try this for a version of your function that updates the link after a successful vote
<script type="text/javascript">
function updateScore( answer )
{
if ( confirm( "Are you sure?" ) )
{
$.post('index.php', {'score': '1'}, function(d)
{
alert('Vote Accepted: ' + d);
$(answer).after("<span>You Voted!</span>").remove();
});
}
}
</script>
